Citrix has patched five NetScaler ADC and NetScaler Gateway vulnerabilities, including a high-severity defect similar to CitrixBleed.
The libssh2 library, which is widely used, contains a critical security vulnerability. A published proof-of-concept exploit ...
OS 26.5.2 security update arrives weeks early as Apple adapts to AI tools that compress vulnerability discovery into hours.
Threat actors have started exploiting CVE-2026-46817, a critical-severity vulnerability in Oracle E-Business Suite’s Payments ...
When Ivanti disclosed critical flaws in its Connect Secure VPN gateway in January 2024, attackers had working exploits circulating within roughly 24 hours. By the time most IT teams scheduled a patch ...
Microsoft is trying to fix the RoguePlanet zero-day vulnerability impacting Defender on Windows 11 and Windows 10.
A threat actor started exploiting a severe vulnerability in Cisco products at least two months before the flaw was disclosed, ...
Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 ...
In a new proof-of-concept, endpoint security provider Morphisec showed that the Exploit Prediction Scoring System (EPSS), one of the most widely used frameworks for assessing vulnerability exploits, ...
Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...